我正在尝试通过Jenkins文件配置checkmarx,之前checkmarx脚本是从全局配置的groovy文件中读取的。
这是我的jenkinsfile的样子
stage('Code Scanning') {
parallel {
stage('Static Code Analysis') {
steps {
step([$class: 'CxScanBuilder',
comment: '',
credentialsId: '',
excludeFolders: '.helmignore, build, templates, javadocs, javadoc,
dist, node_modules, WMSRegistryReader.java,
BlowfishEncryptionStrategy.java, BlowfishUtils.java',
excludeOpenSourceFolders: '',
exclusionsSetting: 'global',
failBuildOnNewResults: false,
failBuildOnNewSeverity: 'MEDIUM',
filterPattern: '''!**/_cvs/**/*, !Checkmarx/Reports/*.*''',
fullScanCycle: 10,
groupId: '0de2e46c-8410-478a-85b9-b5dce83f8ecb',
includeOpenSourceFolders: '',
osaArchiveIncludePatterns: '*.zip, *.war, *.ear, *.tgz',
osaInstallBeforeScan: false,
password: '{}',
preset: '36',
projectName: "${APP_NAME}",
sastEnabled: true,
serverUrl: 'https://checkmarx.abc.com',
sourceEncoding: '1',
username: '',
vulnerabilityThresholdResult: 'FAILURE',
waitForResultsEnabled: true])
}
}
stage('Open Source Compliance') {
steps {
blackduck([appName: "${APP_NAME}", appDomain: "${APP_DOMAIN}", branchName:
"master"])
}
}
}
}
但构建考虑的是从jenkins->配置设置中完成的全局配置,而不是服务jenkinsfile
我的jenkinsfile
中是否有任何语法问题,或者我在这里遗漏了什么。
发布于 2019-11-20 09:26:36
找不到相关文档,但我已设置
exclusionsSetting: '',
而不是
exclusionsSetting: 'global',
为了覆盖全局Checkmarx设置
发布于 2020-09-26 16:13:28
我选择了自由风格,而不是去jenkins的管道工作。下面是我在没有checkmarx插件的情况下进行配置的方法。
首先使用以下命令生成令牌: runCxConsole.cmd GenerateToken -v -CxUser username -CxPassword admin -CxServer http://localhost
Build --> Execute Shell中代码行下面的配置
Jenkins Script
#!/bin/bash
export JAVA_HOME=/usr/bin/java
export CHECKMARX_HOME=/<checkmarx plugin path>/CxConsolePlugin-8.90.2
echo ${WORKSPACE}
echo $CX_PROJECT_NAME
mkdir ${WORKSPACE}/cxReports
export CHECKMARX_REPORTS_HOME=${WORKSPACE}/cxReports
echo $CHECKMARX_REPORTS_HOME
$CHECKMARX_HOME/runCxConsole.sh Scan -v -CxServer <checkmarx server details> -ProjectName "<project anme>" -cxToken <token> -locationtype folder -locationpath "${WORKSPACE}" -preset "Default Checkamrx" -reportcsv $CHECKMARX_REPORTS_HOME/$CX_PROJECT_NAME.csv -ReportPDF $CHECKMARX_REPORTS_HOME/$CX_PROJECT_NAME.pdf
注意:始终使用令牌进行服务器身份验证,而不是在CLI命令中对用户名和密码进行硬编码。
欲了解更多信息,请访问https://checkmarx.atlassian.net/wiki/spaces/SD/pages/222232891/Authentication+Login+to+the+CLI
https://stackoverflow.com/questions/58005589
复制相似问题